mIRC Home    About    Download    Register    News    Help

Print Thread
Page 1 of 2 1 2
an idea, but not suggestion yet #10850 13/02/03 04:31 AM
Joined: Jan 2003
Posts: 31
T
theAncinetOne Offline OP
Ameglian cow
OP Offline
Ameglian cow
T
Joined: Jan 2003
Posts: 31
mIRC is very similar in nature to MS Outlook. What I mean by this? It is very good for the primary function it was designed for (chatting and e-mail respectively), It also comes with powerful scripting and thus it is exploitable and used to pass on viruses.

What if DCC send/receive would work only if both sides had each other in the address book set by default to ON?

What if the firewall support would only work if the firewall was on the same IP range (depending on class A B C) or on the same domain if the name was resolvable? After all, the feature is called "firewall" it is only meant to get you trough your local firewall, and not for exploiting other connections.

What if mIRC used some serial number as ident? After all you are not doing anything wrong thus you don't get banned right?
And no, serial numbers do not affect your privacy any more than any other information in nickname/ident/fullname. Perhaps this feature could be turned on by 005 numeric, at the network's request (REQUESTMIRCIDENT=YES).

What if mIRC would allow you to set a password to protect your scripts from being modified, perhaps using MD5 values for the scripts? The same feature would also mean you cannot load

What if I stop for now, LOL.

Re: an idea, but not suggestion yet #10851 13/02/03 01:24 PM
Joined: Dec 2002
Posts: 349
S
Skip Offline
Fjord artisan
Offline
Fjord artisan
S
Joined: Dec 2002
Posts: 349
What if people took responsibility for their actions and let those that do the right thing continue doing it unimpeded?

Could you imagine if the next mIRC came out without url support to stop misguided people clicking spam that infects their machines, without firewall support to stop people hiding behind comprimised hosts, without /timer to stop people turning channels into markets, without dcc send because some people use mIRC for file trading, without sockets because some tool decided to write a trojan, without /amsg, /ame or colours because some people use automated away and mp3 scripts with hideous colour schemes more then they actually chat, a mIRC that restricted people to only connect to servers in mIRCs server list because we all know what people get up to on those private servers, and an autopart of +s channels for good measure! ..... I couldn't :P

I don't think mIRC should be designed for the imbeciles, kiddies, bad-guys, and just misguided people. Adding extra security 'for the user' never hurts, but impeding functionality because some people ruin it for everyone else does. Would it really work anyway? The bad guy is the last person drastic measures will effect.

I think your dcc address book idea is a good idea, but how long before people blindly add others to their address book?

Just my 2 cents anyhow.. smile

Re: an idea, but not suggestion yet #10852 13/02/03 07:49 PM
Joined: Feb 2003
Posts: 30
A
Algorithms Offline
Ameglian cow
Offline
Ameglian cow
A
Joined: Feb 2003
Posts: 30
In response to scripts, if you don't want someone to modify it, don't make it publically available or create a compiled DLL or COM object. (btw, you can add MD5 support using a DLL, I just use an on text and we start our encoded sentences with [MD5]).

As for the other things you mentioned, I would have to disgaree, malicious users are going to find ways around things, implementing these annoying detourants will only stop maybe .. 10 people, Ok, 11. wink But it will hurt the average user more than it will effect the "l33t h4x0rs"


Bluesock - Better than a redhat.
http://www.bluesock.com
Re: an idea, but not suggestion yet #10853 13/02/03 11:31 PM
Joined: Dec 2002
Posts: 2,809
C
codemastr Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Quote:
What if DCC send/receive would work only if both sides had each other in the address book set by default to ON?

And for the several dozen clients that don't support address books? Just prevent mIRC from dcc send/receive'ing with these clients? And how should mIRC know if you are listed on the other users address list?

Quote:
What if the firewall support would only work if the firewall was on the same IP range (depending on class A B C) or on the same domain if the name was resolvable? After all, the feature is called "firewall" it is only meant to get you trough your local firewall, and not for exploiting other connections.

Well, there are SEVERAL companies that sell access to firewalls. These firewalls are NOT owned by your ISP and therefore may have not a single similarity to your IP address. Why should people who use these services be penalized? Also, I have access to several machines not run off my ISPs lines. I have access to install a socks4/5 server on these machines. Why shouldn't I be allowed to use my own server?

Quote:
What if mIRC used some serial number as ident? After all you are not doing anything wrong thus you don't get banned right?
And no, serial numbers do not affect your privacy any more than any other information in nickname/ident/fullname. Perhaps this feature could be turned on by 005 numeric, at the network's request (REQUESTMIRCIDENT=YES).

If mIRC implemented such a feature, I know I (and probably everyone else) would disable identd support in mIRC and just download an identd.exe and set it to use whatever you want. It's a bad idea and one that can't even be implemented correctly. For example, how do you propose this serial number be generated? And how can it not give out more info? Thats a ridiculous statement. Nick/ident/fullname you can change, this serial number you can not. I can set my nick to "Bill", my realname to "Bill", and my ident to "bill" well my name isn't bill, so no information is given. But if a serial number is given some unwanted info is distributed. For example, one of the most effective serials is generated from the hardware installed on the system. If someone can determine how mIRC generates this hash they now know all the hardware installed in my system. Such a thing could lead to people being able to exploit your system (hardware is not immune to exploits, the Pentium 3 for example had a feature that could allow someone to track websites you viewed, etc). So how is knowing every piece of hardware on my system and possibly knowing ways to compromise my system in no way compromise security? How can you possibly compare knowing such information to seeing my nick as the fake name "bill"? Then assuming you do come up with some hash that provides no information and is unique, your 005 idea isn't possible at all. The 005 numeric is sent AFTER the ident response is already received. So how can mIRC send the serial rather than the regular ident only when it receives this token if it only receives this token after it has already sent the regular ident?

Quote:
What if mIRC would allow you to set a password to protect your scripts from being modified, perhaps using MD5 values for the scripts? The same feature would also mean you cannot load

MD5 is a hash, NOT encryption. If something is hashed with MD5, well you can't reverse it. It is 1 way, thats how hashes work. As for using a two way algorithm, well if mIRC can decrypt it, that means anyone can, as long as they know how mIRC decrypts and encrypts. And based on the fact that people have discovered the method mIRC uses to generate serial numbers, I'm quite sure someone could break this protection in a matter of minutes. And if you meant it can't be viewed in the editor because the user didn't enter a passowrd, what is to stop someone from opening it in notepad or some other text editor that would completely ignore this password because it knows nothing about it?

Re: an idea, but not suggestion yet #10854 14/02/03 12:35 AM
Joined: Jan 2003
Posts: 31
T
theAncinetOne Offline OP
Ameglian cow
OP Offline
Ameglian cow
T
Joined: Jan 2003
Posts: 31
Before I address couple of your points, as the topic says these are ideas only.

1. I take your point about 005. Well spotted. The ident, as its word indicates is to identify. you have that in so many other programs in one way or another (ICQ's UIN for example) I just <emphasis>feel</emphasis> eventually IRC will need that.

2. DCC send/receive idea. I think you misunderstood the concept. To send a file over DCC you would have to add the target user to the address book. To receive a DCC file transfer you would have to have sender in your address book. This doesn't exclude other clients, just increases protection of mIRC users. mIRC doesn't check both ends, just your own.

3. md5 - again I think you misunderstood the intention. This is not to prevent people from modifing, adding, reading, creating etc. Nor is it to be used as encryption. This is a thing to give you the ultimate control over what mIRC starts. Lets say you have something.mrc, best srcipt in the world. An external virus happens to distribute the same file. Your mirc would warn you the md5 does not match the last one used and give you the option to start it or not.

4. proxy/firewall. Point taken. I still think open proxies contribute to enormous levels of problems on IRC alternative suggestions welcome.

Re: an idea, but not suggestion yet #10855 14/02/03 01:02 AM
Joined: Dec 2002
Posts: 2,984
Watchdog Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,984
Thats a ridiculous statement.

For someone that has spoken out against ban evaders as much as you have I would have thought that this is the last thing you would have said.

the Pentium 3 for example had a feature that could allow someone to track websites you viewed

Yes, it did, and had other hidden nasties too, but only because the WinHell syndicate wanted it that way. And that drove people in their thousands to AMD.

I can sympathise with the ident issue mentioned by the original poster. It's a long overdue feature that I know works because I, and people I know, have seen it work.

I feel, from a personal viewpoint, that many people on this board do not enjoy broadening their experiences or using a bit of nous to think about suggestions put here. It's all too easy to get into this 'I'll only ever believe in what has taken place on my own little world' and just bag everything else.

In short, unless you've tried it, don't bag it.

Well, there are SEVERAL companies that sell access to firewalls. These firewalls are NOT owned by your ISP and therefore may have not a single similarity to your IP address. Why should people who use these services be penalized?

You may have a valid point here but why is it necessary to access IRC servers this way?


Induced IRC
irc.induced.net
Re: an idea, but not suggestion yet #10856 14/02/03 01:53 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Quote:
I can sympathise with the ident issue mentioned by the original poster. It's a long overdue feature that I know works because I, and people I know, have seen it work.

- Sorry? You've seen a popular IRC client implement serial ident's? When did that happen? My point is that it hasn't happened with mIRC, or any major IRC client for that matter (that I know of anyway), so whether serial-type ident's works in any other area of computing is irrelevant. As codemastr stated, it would not be hard to circumvent, and the idea that people would then think that this was a foolproof way to ban someone would in fact make ban evasion so much worse because of the common user's trust in a feature that simply doesn't work.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: an idea, but not suggestion yet #10857 14/02/03 08:06 PM
Joined: Dec 2002
Posts: 2,984
Watchdog Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,984
Yes, I have seen it added to mIRC and yes it does work and yes, if you are adept with either programming or scripting you would be able to find out how it works and disable it. This isn't the point at this stage though, as you could enable or disable anything you like with further scripting, removal of scripting or hacking mIRC.

The fact is however that such a system can not only be set up to work but also remain that way 99% of the time after deployment.


Induced IRC
irc.induced.net
Re: an idea, but not suggestion yet #10858 14/02/03 08:12 PM
Joined: Dec 2002
Posts: 2,809
C
codemastr Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Well you just proved my point. This doesn't stop ban evading, it encourages spoofing! Your ID is 123456. I use a client that doesn't use serial-idents, I connect with WatchDog!123456@something.yourisp.com well now, to everyone online, I look like you. I have your "unique" serial number. But in any case, as I said, you show me the algorithm you want to use to generate this serial number, and I'll show you 10 ways to break it.

Re: an idea, but not suggestion yet #10859 14/02/03 08:55 PM
Joined: Dec 2002
Posts: 2,984
Watchdog Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,984
I hardly think that ban evasion applies to any great majority in the IRC world, most users log in, enjoy themselves and mind their own business. About 75% of those that know evading any ban is easy is more likely to find a new proxy before they realise that changing other details in mIRC *might* help them.

There's one other thing to, and I am not referring to or quoting something you mentioned, it's a general comment - alot of ideas and feature suggestions made here are replied with "then other programmes would have to have the same system for this or that to work". Yes and No... mIRC is by far the most popular chat programme in the world. That is why there are so many contributors to this forum and why everywhere you go there is likely to be a substantial majority using mIRC over other clients such as Pirch or the newer Klient, dIRC, Bersirc, etc or clients made for 2 or more operating systems such as Bitch X, X Chat, KVirc or the programmes made for Apple systems. On this note is there any harm in letting mIRC lead the way here? Vendors of Ident server software could easily follow suit here too.

Would you refuse to log into IRC just because you would have to hack into mIRC or an ident server to alter it's output for an ident request? I know I wouldn't. The USER part of your details is, usually, ten characters. I am sure therefore that privacy issues arn't a concern.

No-one has claimed here that it's a foolproof way of being able to ban people. One day with some positive thought the system, if implemented, could work well. A copper doesn't consign his ink pad to the bin just because his prisoner sands the prints off his fingers, does he....

Hmm, BTW, as I said before, generally the system does work reasonably well, as I have taken part in an initiative to help make it work. I'm by no means the only one. Before I give you your ten ways of defeating this idea (like it's really a challenge isn't it) can you please suggest a fairer way of doing it?


Induced IRC
irc.induced.net
Re: an idea, but not suggestion yet #10860 14/02/03 09:18 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Quote:
Hmm, BTW, as I said before, generally the system does work reasonably well, as I have taken part in an initiative to help make it work.

- How can it work well if it can be broken so easily? How can you help 'make it work'? If the point of this fictional ident is to make something which uniquely identifies someone and can't be changed or faked then by the very fact that it can be changed and faked it is immediately useless.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: an idea, but not suggestion yet #10861 14/02/03 09:24 PM
Joined: Dec 2002
Posts: 2,984
Watchdog Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,984
It's no more or less fictional that you using the first word or number that you think of.


Induced IRC
irc.induced.net
Re: an idea, but not suggestion yet #10862 15/02/03 12:12 AM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
Except that those aren't supposed to be, nor do they claim to be, permanent unique identifiers for a given person.


Spelling mistakes, grammatical errors, and stupid comments are intentional.
Re: an idea, but not suggestion yet #10863 15/02/03 12:27 AM
Joined: Dec 2002
Posts: 2,809
C
codemastr Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Well I can honestly say I saw NO point whatsoever to your post. I didn't bring up ban evasion, you did. Then when I reply, you dismiss the idea of ban evasion prevention. Well then why did you bring it up in the first place? As for mIRC "leading the way," yea it would be, if we are talking about "leading the way to the graveyard." If mIRC was setup in such a way that there was NO way to disable such a feature, I wouldn't use mIRC. I'm sure others feel the same way. I don't want people knowing information about me that I don't want them to know. If I don't want to give it out, then it shouldn't be given out, end of story.

"No-one has claimed here that it's a foolproof way of being able to ban people" Umm didn't you say at the begining of your post that ban evasion wasn't an issue? And now you imply that it is? Care to make up your mind?

Quote:
Would you refuse to log into IRC just because you would have to hack into mIRC or an ident server to alter it's output for an ident request?

Yes, I would. In fact I already don't use mIRC for my ident serving needs. But in any case I wouldn't "hack" anything. If mIRC didn't let you disable it's identd server, I would use a firewall to prevent mIRC from replying to the requests and my router from ever letting it receive them. And on the off chance that all ident servers implemented this feature, I'd simply write my own ident server.

Re: an idea, but not suggestion yet #10864 15/02/03 01:52 AM
Joined: Dec 2002
Posts: 2,809
C
codemastr Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Well I now understand what you mean when you say use md5. I don't think this is a bad idea, but it is not a perfect solution. It really only protects from a small number of attacks. Also a "true" trojan wouldn't even come close to being stopped by this. mIRC supports DDE, all a trojan has to do is send a command via DDE to mIRC and tell it to load script.mrc, mIRC If it is sent as /.load -rs script.mrc mIRC will not even give you any indication that a script has been loaded. I'm not saying don't add what you said, I'm just saying it would prolly protect from 3-4 trojans out of a sea of thousands.

Re: an idea, but not suggestion yet #10865 15/02/03 03:21 AM
Joined: Jan 2003
Posts: 31
T
theAncinetOne Offline OP
Ameglian cow
OP Offline
Ameglian cow
T
Joined: Jan 2003
Posts: 31
the way I had the feature in mind, it would stop any "load" unless it is authorised by you, or the MD5 matches to last load. Even if that was a DDE request.

Re: an idea, but not suggestion yet #10866 15/02/03 03:52 AM
Joined: Dec 2002
Posts: 2,984
Watchdog Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,984
Where did I mention the word 'permanent'? Now you are just putting words in my mouth - again. I've already conceded in my second post that it can be worked around in many ways, though only by those that know how to do it. Not everyone that gets banned does infact know.

Nothing is perfect but I've seen this work and it continues to work as we speak. We can sit here and dispute this for another five pages but that is the most pointless thing we could do. My last comment in this thread is 'seeing is believing'.


Induced IRC
irc.induced.net
Re: an idea, but not suggestion yet #10867 15/02/03 03:57 AM
Joined: Jan 2003
Posts: 31
T
theAncinetOne Offline OP
Ameglian cow
OP Offline
Ameglian cow
T
Joined: Jan 2003
Posts: 31
[20030215 14:55] * Connecting to irc.axenet.org (6660)
[20030215 14:55] -void.axenet.org- *** Looking up your hostname...
[20030215 14:55] -void.axenet.org- *** Checking ident...
* Identd request from 217.96.54.3
* Identd replied: 4528, 6660 : USERID : UNIX : T74B7F503
[20030215 14:55] -void.axenet.org- *** Received identd response
Welcome to the Axenet IRC Network Ancient!T74B7F503@******.net.au
Your host is void.axenet.org, running version UnrealAxe2.6c
This server was created Mon Jan 20 2003 at 21:56:09 CET
void.axenet.org UnrealAxe2.6c iowghraAsORVSxNCWqBzvdHtG lvhopsmntikrRcaqOALQbSeKVfHGCuzN
MAP KNOCK SAFELIST HCN MAXCHANNELS=15 MAXBANS=60 NICKLEN=30 TOPICLEN=307 KICKLEN=307 MAXTARGETS=20 AWAYLEN=307 are supported by this server
WALLCHOPS WATCH=128 SILENCE=5 MODES=12 CHANTYPES=# PREFIX=(ohv)@%+ CHANMODES=ohvbeqa,kfL,l,psmntirRcOAQKVHGCuzN NETWORK=Axenet are supported by this server

I take it you coded it. And I take it you will drop ident requests from the very next version as you have strong views about IDENTifing people. Or could that be that ident is useful and would be even more useful if it was really identifing the connection without giving out any personal info?

Re: an idea, but not suggestion yet #10868 15/02/03 06:32 PM
Joined: Dec 2002
Posts: 2,809
C
codemastr Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 2,809
Yes I wrote it, and the only reason ident is supported is because mIRC doesn't let you configure the username. It simply uses your nickname for the username. mIRC only allows you to configure the ident username. Therefore if users want to be able to change their username, they must have ident enabled and so must the server. I don't care if it identifies the connection, all I know is my users are going to complain if they are forced to use their nickname as their username as well. Plus the fact that if I disable ident many users will be banned, for example, since mIRC uses the nickname, if the nick is "[^]" (a legal nickname) the user will be disconnected for not specifying a valid username, since none of those characters are allowed in a username.

Don't make such big assumptions, when you do, you are generally wrong. And in this case you are 100% wrong. It has NOTHING to do with identifying a user, thats not at all why I use it.

Re: an idea, but not suggestion yet #10869 15/02/03 09:12 PM
Joined: Jan 2003
Posts: 31
T
theAncinetOne Offline OP
Ameglian cow
OP Offline
Ameglian cow
T
Joined: Jan 2003
Posts: 31
I made no assumptions, I just stated it is useful and it would be more useful if it was meaningful.

I am sure you have come against countless number of chatters that deserved a perm ban and you only got very frustrated because the person was a) on dial-up b) changed nickname/ident/fullname on each connection. So you contacted his ISP and they told you "they will deal with it" or simply ignored you.

I cannot say I would feel insecure by the fact that my ident would be the same. I use the same 2 nicknames for last 7 years. How identifying is that?

I know it is a difficult concept for many to deal with. Yes, it would not stop every "problem" out there, but it would stop a fair few, giving you the time to deal with the others.

The ideas I presented in the original post are for protection of chatters and networks alike. There is nothing sinister there.

I'm just sick and tired of innocent people getting infected by new Trojans, and secondly by having to kill few hundred connections a day because some one just found another web site with free "l337" script. If there is a way to reduce it by a big margin I would like to see it done. mIRC being the most popular client out there can make it happen. I don't see why it would suddenly loose on popularity.

You may find that more people would use IRC if it lost the stigma of being infested with viruses, flooders and all the other nonsense.

frown

Page 1 of 2 1 2